Home › ISO 27001 Training Courses › ISO/IEC 27001:2022 Annex A Controls Training Course

DURATION

0.5 day

CPD

Equivalent to 4 hours

CERTIFICATES

All delegates will receive a certificate on completion.

DELIVERY OPTIONS

In-company training

Increase your understanding of the Annex A controls in ISO/IEC 27001:2022 for greater confidence in implementing, managing and auditing an information security management system (ISMS).

Overview

This half-day ISO 27001 Annex A training course addresses the complex area of Annex A controls within ISO 27001 through a games-based approach, designed to make learning enjoyable and more effective.

Developed by an industry expert, this highly interactive training course is led by a knowledgeable tutor and ensures that all delegates can take part in the learning process.

The course covers all Annex A themes, with the greatest focus on its technological controls, which are often found to be a weaker area in ISMS auditing.

Click to read the ISO/IEC 27001:2022 Annex A Controls course flyer.

Who should attend?

The course extends the knowledge of those who already have some understanding of ISO 27001. It is suitable for anyone who has already attended, or is planning to attend, an ISO 27001 training course. This may include:

internal auditors
lead auditors
certification body auditors
information security management system implementers and freelance consultants who have some knowledge of the basic structure of ISO 27001, and who may be involved in the design and/or auditing of an ISMS
managers who need to oversee specific activities within an information security management system (e.g. IT Services, Facilities Management).

The course is suitable for all industries, with the principles applicable to both product and service organisations.

For those who do not yet have knowledge or experience of ISO 27001, we recommend also attending our 1-day Introduction to ISO 27001 training course.

Key topics

Key topics covered in the course include:

an overview of ISMS based on ISO 27001
the PDCA cycle
information pathways
HR controls
cloud computing and data centres
facilities management controls
network management
admin controls
event monitoring
IT controls
bespoke controls

Course agenda

You will receive an Annex A guidance document which contains all the Annex A Controls as our recommended pre-course reading. Delegates do not have to bring the entire standard to the course, and can use this guidance document for reference.

The 4-hour course follows the following structure, with exact timings depending on the format of training:

8.45 REGISTRATION
9.00 Welcome and introductions
Overview of ISO 27001:2022 (refresher)
Game 1 Information pathways
Case study brief
Game 2 HR controls
Game 3 FM controls
BREAK
Game 4 Admin controls
Game 5 IT controls
Examples of bespoke controls (not explicit in Annex A)
13:00 CLOSE

Games are interspersed with quizzes and technical sessions.

Skills gained

By the end of the course delegates will have gained confidence in applying and auditing Annex A controls in their ISMS. This includes a deeper understanding of its technological controls, and enhanced orientation of interactions between controls.

In-company training availability

Receive this course exclusively for your organisation, either in-person at your chosen venue or online in our user-friendly Virtual Classroom.

Enjoy cost-effective flexibility and personalised learning with tailored messaging designed to address your unique business challenges.

In-Person
Delegate numbers	TBC
Total fees	TBC

Virtual Classroom
Delegate numbers	TBC
Total fees	TBC

What's included

Delegate certificates of attendance.
Comprehensive course materials and handouts.
All tutor expenses and courier fees.
Free cancellation up to 13 working days before commencement.

For courses held outside the UK or requiring significant adjustments, we will clearly inform you of any additional fees before you book.

Next steps

Find out our availability and enquire about this course by completing the form and our training team will get in touch with you.

Alternatively contact us on 0333 123 9001 or email contact@bywater.co.uk to discuss your requirements.

Enquire

Complete the following form to enquire about this course and our training team will be in touch.

Back to course listing

Customer reviews

Covered a variety of RCA tools and topicsThe content of the course covered a variety of tools and topics, my previous exposure to RCA has been using a very limited number tools/methods. The tutor was also very good.

Cegos Uk|17th Sep, 2025

Complex ideas made easy to understandThe course was comprehensive and presented in a clear and structured way that made complex ideas easy to understand.

AMB Co. Ltd|17th Sep, 2025

Amazing tutor at keeping engagementThe tutor was amazing at keeping engagement and making the long hours of sitting on a virtual classroom feel like it went by quickly, while still giving all the information and explaining everything to the best of his knowledge. He...

Claro|16th Sep, 2025

Discussion and questions welcomed throughout the courseThe Tutor Dave was very knowledgeable, professional and welcomed discussion and questions throughout the course.

3t Global|16th Sep, 2025

Tutor struck a perfect balance with his teaching styleGary struck a perfect balance between effectively educating the group on the importance Internal Auditing, whilst also engaging and entertaining everyone with his humour and charisma throughout the course. He came across as very approachable, if anyone had a question...

Hochiki Europe|16th Sep, 2025

Excellent tutorExcellent tutor. Very knowledgeable and great at delivering the content.

MOD|15th Sep, 2025

Tutor’s knowledge and experience is second to noneRichard is so engaging with the courses he delivers and his knowledge and experience is second to none. The course allows you to network with colleagues from other sectors and share experiences, and allows time to work as a group...

Thames Valley Police|12th Sep, 2025

Course material made relatable to real-life situationsThe tutor demonstrated excellent knowledge of ISO 9001 and auditing practices, explained concepts in a clear and engaging way, and used practical examples that made the material relatable to real-life situations.

Guyana National Bureau Of Standards|11th Sep, 2025

Very helpful, approachable and friendly tutorThe tutor made the content as interesting and understandable as possible. Nicola was very friendly, approachable and helpful with any questions throughout the course.

EMSOU Forensic Services|10th Sep, 2025

Tutor made the experience far easier for a newcomerAs a newcomer to measuring uncertainty, Tim explained everything clearly, making the experience far easier.

MOD|9th Sep, 2025

Exceptional subject knowledgeThe tutor's knowledge of the subject was exceptional, they were also able to help students feel at ease which made participation easier.

JW Suckling Transport Limited|9th Sep, 2025

Very useful mix of workshops, lectures and discussionsThe mix of workshops, lectures and personal experience shared during the course was excellent and very useful.

CTBTO|8th Sep, 2025

ISO/IEC 27001:2022 Annex A Controls Training Course

DURATION

CPD

CERTIFICATES

DELIVERY OPTIONS

In-company training availability

What's included

Next steps

Enquire

Customer reviews

You may also be interested in...

ISO 27001 ISMS Implementation Training Course

ISO 27001 Lead Auditor Training Course

ISO 22301 Internal Auditor Training Course